Most organizations treating AI governance as a future problem already have a breach in progress — they just haven’t found it yet. Carmel Wynkoop, Partner-in-Charge of AI, Analytics, and Automation at Armanino, argues that the governance gap, not the technology itself, is the primary AI security risk facing enterprises right now.
Drawing on a four-part framework (Controls, Accountability, Risk Assessment, Enablement), Wynkoop seeks to provide CIOs and security leaders a practical architecture for deploying AI at speed without creating exposure they cannot explain to a board or regulator. No theory. No back-to-basics. Just a clear argument and a playbook for the leaders already in the middle of this problem.
Wynkoop works with leadership teams across industries to build AI governance frameworks that enable confident, defensible deployment at scale. Digital Journal asked Wynkoop to explain how AI governance can be best managed in any business.
As Wynkoop explains: “If you’re leading AI adoption at your organization right now, you’re probably fielding two very different conversations. The first is with your team, about velocity. Businesses want their employees to use AI more and faster. The second is with your board or audit committee, about accountability: who owns this, what could go wrong, and are we ready to explain our decisions if we have to?”
Connecting these issues together, Wynkoop reassures: “These conversations feel like they’re pulling in opposite directions. They don’t have to. The organizations that will win the AI adoption race are the ones that can move quickly and demonstrate that they’re doing so responsibly. That requires a governance framework built that can adapt to where your enterprise is in the AI adoption cycle, and serve as a foundation for the innovation to come.”
The Risk Is Now Inside the Workflow
Data flows are key, explains Wynkoop: “Cybersecurity has traditionally focused on keeping threats out. AI requires equal attention to how data moves inside your organization. What this means is understanding who is using it, where it is going, and whether the workflow itself is creating exposure.”
For this understanding business culture matters: “The risks are often embedded in routine activity. An employee pastes confidential financial data into an external tool to speed up analysis. A generative model produces a client-facing summary that includes inaccuracies, which gets shared before anyone independently reviews it. A sensitive document is uploaded into a system that was never designed to handle regulated data. No one sets out to create a breach. They’re trying to be efficient.
The threat surface has shifted. Traditional security controls were not designed for environments where employees interact daily with AI systems that can ingest, transform, and redistribute sensitive data at scale. The exposure is not theoretical, it is operational, embedded in the tools your teams are already using with scaled vectors of attack.”
Working within a legal framework needs to be considered, as Wynkoop points out: “And existing law hasn’t paused for AI adoption. Privacy requirements, financial reporting standards, and industry-specific rules still apply. If confidential data is exposed or inaccurate information is distributed, the organization remains accountable regardless of whether AI was involved.”
A Framework Built for How AI Actually Works
Wynkoop proposes that businesses turn to the CARE framework, which gives technical and leadership teams a shared structure for responsible AI deployment.
The elements are:
Controls: Define what data can and cannot enter your AI systems. Implement access restrictions, logging, approval routing, and audit trails. If you can’t trace how data moves through an AI-enabled workflow, you don’t have sufficient oversight.
Accountability: Every AI-generated output needs a clear human owner. Review and validation must be built into the process, not treated as optional. Human-in-the-loop isn’t a design philosophy, it’s an operational requirement. That doesn’t mean having someone skim an outputted PDF, it means thoughtful review and cross-checking. Someone needs to be responsible before anything is finalized or shared, and that responsibility needs to be documented.
Risk Assessment: Evaluate AI use cases the same way you’d evaluate any new system deployment. Consider regulatory exposure, cybersecurity implications, third-party vendor dependencies, and data sensitivity. Document your decisions before scaling. The organizations that struggle most are those that piloted AI in a low-stakes environment and then expanded it into high-stakes workflows without reassessing.
Enablement: Most risky behavior stems from unclear policies and a lack of practical guidance. If employees don’t know what tools are approved, what data can be used, and what the boundaries are, they will create workarounds and those workarounds are where exposure lives. In practice this looks like an employee using a different AI model on their personal account with sensitive data because they want to see if the output differs from the tool your organization has enterprise access to. Train teams on approved tools and secure usage practices. Make the right path the easy path.
Start Where the Stakes Are Highest
With the case of ‘where to begin’?, Wynkoop advises: “You don’t need to halt your AI roadmap to reduce exposure. Start with the workflows that handle sensitive data: financial reporting, payroll, legal documentation, customer records. Identify where AI tools are being used today formally or informally. Shadow IT is rarely malicious; it’s usually a signal that approved tools aren’t meeting the need. Understand the gap before you close it.”
From there, Wynkoop says “three concrete steps make an immediate difference.”
These are:
- Map ownership across every active AI initiative if it takes more than 30 seconds to identify who owns the model, the data, and the outcome, you have a governance gap.
- Get ahead of ISO 42001, the emerging international standard for AI management systems, which regulators and enterprise customers are increasingly referencing.
- Brief your audit committee before they ask. Proactive disclosure builds credibility and creates a forcing function for documenting your governance posture.
Wynkoop concludes, observing: “Competitive pressure isn’t going away, and AI will continue to reshape operating models across every industry. The organizations that succeed won’t necessarily be the ones that moved fastest. They’ll be the ones that built guardrails early and could prove it when it mattered. This could be the year of the AI data breach. It doesn’t have to be yours.”
